Reference Integrity Manifest
Each CoMID in the CoRIM provides reference measurements for a device. During attestation, SPDM measurements provided by RoT firmware are authenticated against the reference manifest.
The reference manifest only includes entries for measurements that affect the security of the device. The following table lists SPDM measurements included in the reference manifest for supporting NVIDIA NICs and DPUs. The Type and Size fields reflect values of DMTFSpecMeasurementValueType and DMTFSpecMeasurementValueSize for the SPDM measurement block.
The following table presents ConnectX-7 CoRIM files along with the relevant firmware image are accessible in the firmware download page.
IDX | Measurement | Value | Description | Notes |
1 | DMTFSpecMeasurementValueType | 0x83 | 0x83 = Raw bitstream, FW Config | Measurement Block Version
The goal is to ensure that definition of measurement block can be changed/updated gracefully. |
DMTFSpecMeasurementValueSize | 4 | 4-byte unsigned integer, little endian | ||
2 | DMTFSpecMeasurementValueType | 0x01 | 0x01 = Hash, mutable FW | ConnectX M1 – boot level 1 firmware |
DMTFSpecMeasurementValueSize | 64 | SHA2-512 hash | ||
3 | DMTFSpecMeasurementValueType | 0x01 | 0x01 = Hash, mutable FW | ConnectX M2 – boot level 2 firmware |
DMTFSpecMeasurementValueSize | 64 | SHA2-512 hash | ||
4 | DMTFSpecMeasurementValueType | 0x01 | 0x01 = Hash, mutable FW | ConnectX M3 – boot level 3 firmware |
DMTFSpecMeasurementValueSize | 64 | SHA2-512 hash | ||
5 | DMTFSpecMeasurementValueType | 0x01 | 0x01 = Hash, mutable FW | ConnectX M4 – boot level 4 firmware |
DMTFSpecMeasurementValueSize | 64 | SHA2-512 hash |
Information for BlueField-3 will be added in a future version.